Failure to tackle online and telephone fraud costs small businesses €310 million annually
5th July 2023: The Irish SME Association, ISME, is calling on Government to introduce measures as a matter of urgency, that will help tackle and reduce business fraud in Ireland. If successfully implemented, these simple suggested steps will reduce fraud and save small businesses from severe financial loss. Currently the cost of fraud to the SME sector is conservatively estimated at €310 million annually.
Tackling business fraud crosses a range of government departments and state agencies, so ISME will be contacting the Minister for Finance; Minister for Enterprise, Trade and Employment; the Minister for the Environment, Climate and Communications; the Central Bank; ComReg and the Garda National Economic Crime Bureau, in its effort to implement three basic fraud reduction tactics for businesses.
The top three measures to tackle basic online and telephone fraud are:
- Tackling email compromise – with good workplace security and password policy. Email compromise is used to carry out invoice redirect fraud, or to circulate malware or ransomware, through phishing or social engineering. Service providers must do more to stop email compromise at source.
- Tackling scam texts and calls – with the installation of filters capable of detecting incoming fake calls or texts. Large numbers of businesses and consumers have been victims of “smishing” texts which purport to originate from service providers. ComReg estimates the cost alone of these scam calls and texts in Ireland to be in the region of €300m per annum. The technology to disrupt scam texts and calls exists. It simply must be rolled out to all manufacturers and network operators.
- Tackling invoice redirect fraud – with Confirmation of Payee (CoP) technology for Electronic Funds Transfer (EFT) payments. Fraudulent EFT activity has significantly increased in Ireland recently as legitimate IBAN changes have occurred because of the closure of Ulster Bank and KBC. EFT payments in Ireland rely fully on the payee IBAN to affect the payment, yet payee details are not cross-checked by banks against the IBAN on record for that payee. CoP requires a bank to match the payee IBAN with the name of the payee on file, and if the IBAN does not match the payee name, the payment will not be processed. There is no reason Irish banks should not immediately roll out CoP.
Commenting on these pressing fraudulent issues, Neil McDonnell, CEO of ISME, said: “Small businesses continue to suffer losses in the tens of millions because Ireland is failing to tackle the most basic elements of online and telephone fraud. It is not just these businesses that suffer, consumers are also affected by these types of fraud. This cannot continue, Government action is needed, now.
Therefore, we are calling on the Government to impose these three basic fraud reduction tactics on telephony operators, internet service providers and banks with immediate effect. While they will not eliminate fraud, these measures will most certainly make substantial steps in the right direction to reduce it.”